Todokan

Security checks across malware telemetry and agentic risk

Overview

Todokan is a disclosed MCP integration for managing Todokan tasks, with its task access and write permissions aligned to that purpose.

Install with a Todokan key whose scope matches what you want the agent to do. Prefer the worker endpoint for read/comment use, use the planner endpoint only if you want create/update/delete authority, review confirmations before writes or deletion, and avoid sending secrets or unnecessary personal data to Todokan tasks or documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Natural-Language Policy Violations

Low
Confidence: 83%
Finding
The skill documents that MCP returns AI-enabled tasks by default and further describes a mechanism that marks tasks as AI-visible via a user action in the product. While this is primarily documenting backend behavior rather than directly implementing it, it normalizes agent access to task data without requiring an explicit consent step at skill runtime, which can lead to privacy surprises or oversharing if users assume broader task data remains excluded. In this productivity/task-management context the risk is limited because the feature appears product-scoped and user-controlled, but it still affects sensitive work items and should be treated as a real privacy concern.

VirusTotal

66/66 vendors flagged this skill as clean.
